The Defense Information Systems Agency asked technology companies on Wednesday for ideas on how to build an e-mail defense system on the perimeter of its networks that can scan 50 million inbound messages a day to catch spam, viruses and cyberattacks.
In a notice to industry, DISA said it needs to protect 700 unclassified network domains and that, while there are many individual e-mail domains administered by Defense Department units, "there is a possibility these may be combined into one enterprise DoD e-mail domain."
Defense currently scans e-mails for viruses and spam coming into systems serving the military services, commands or units. DISA wants to extend the protection to the interface between the Internet and its unclassified network, the Non-classified Internet Protocol Router Network. The agency also wants the ability to scan all outbound e-mails from the 5 million users.
The issue of spam is serious, Defense reports. Army Lt. Gen. Keith B. Alexander, director of the National Security Agency, told an audience attending the RSA Security Conference in San Francisco in April that about 20 billion e-mails are sent globally every day, of which 65 percent to 70 percent are spam.
DISA's request ties in with recommendations that the Defense Science Board issued in April that said Defense is more vulnerable to cyberattacks because of its decentralized networks and systems. The board envisioned a major role for DISA in developing the architecture for enterprisewide systems.
The agency asked IT companies to submit ideas for developing an unclassified e-mail security gateway that would provide a security border that at a minimum could filter viruses, spam, phishing attacks and content in the e-mails sent to 5 million Defense personnel. The system would protect the "logical first hop" into Defense networks and would not be intended to take the place of individual e-mail security systems that the services, commands, bases and units operate.
Margaret Diego, global product marketing for Trend Micro in Cupertino, Calif., said her company can provide such services, starting with matching the addresses of incoming e-mails against a database of known senders of spam. Trend Micro scans e-mail for viruses and spam, and then performs content filtering in the body of the e-mail. If the message passes all the checks, it's sent to the recipient.
The biggest problem DISA faces in deploying an e-mail system on such a massive scale is management, including policies that govern the kinds of traffic that can be passed through the system, said David Frazer, director of technology services for F-Secure, an Internet security company based in Helsinki, Finland.
Once a new threat is discovered, it must be included in e-mail protection software and pushed out to servers that run the protection system, he said.
Gary Moore, chief technology officer for Entrust in Dallas, a manufacturer of scanning software for outbound e-mail traffic, said Defense will need to deploy a massive server and network infrastructure to sift through 50 million e-mails a day and estimated the cost of such a system at $100 million.